package com.vinny.springbootflowable2.controller;

import com.vinny.springbootflowable2.exception.BusinessException;
import com.vinny.springbootflowable2.exception.UnauthorizedException;
import com.vinny.springbootflowable2.model.ApiResponse;
import com.vinny.springbootflowable2.model.SysUser;
import com.vinny.springbootflowable2.model.dto.LoginDTO;
import com.vinny.springbootflowable2.service.UserService;
import com.vinny.springbootflowable2.util.UserSessionUtil;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import jakarta.validation.Valid;

@Tag(name = "用户管理", description = "用户登录、登出等操作，包括用户认证和会话管理")
@RestController
@RequestMapping("/user")
public class UserController {
    
    @Autowired
    private UserService userService;
    
    @Operation(
        summary = "用户登录",
        description = "用户通过登录名和密码进行身份认证"
    )
    @ApiResponses(value = {
        @io.swagger.v3.oas.annotations.responses.ApiResponse(
            responseCode = "200", 
            description = "登录成功",
            content = @Content(
                mediaType = "application/json",
                schema = @Schema(implementation = SysUser.class)
            )
        ),
        @io.swagger.v3.oas.annotations.responses.ApiResponse(
            responseCode = "400", 
            description = "用户名或密码错误"
        )
    })
    @PostMapping("/login")
    public ApiResponse<SysUser> login(
        @Parameter(description = "登录信息，包含登录名和密码", required = true)
        @Valid @RequestBody LoginDTO loginDTO
    ) {
        SysUser user = userService.login(loginDTO.getLoginName(), loginDTO.getPassword());
        if (user != null) {
            UserSessionUtil.setCurrentUser(user);
            return ApiResponse.success("登录成功", user);
        } else {
            throw new BusinessException("用户名或密码错误");
        }
    }
    
    @Operation(
        summary = "用户登出",
        description = "清除当前用户的会话信息"
    )
    @ApiResponses(value = {
        @io.swagger.v3.oas.annotations.responses.ApiResponse(
            responseCode = "200", 
            description = "登出成功"
        )
    })
    @PostMapping("/logout")
    public ApiResponse<Void> logout() {
        UserSessionUtil.removeCurrentUser();
        return ApiResponse.success("登出成功", null);
    }
    
    @Operation(
        summary = "获取当前登录用户信息",
        description = "获取当前会话中登录用户的详细信息"
    )
    @ApiResponses(value = {
        @io.swagger.v3.oas.annotations.responses.ApiResponse(
            responseCode = "200", 
            description = "成功获取用户信息",
            content = @Content(
                mediaType = "application/json",
                schema = @Schema(implementation = SysUser.class)
            )
        ),
        @io.swagger.v3.oas.annotations.responses.ApiResponse(
            responseCode = "401", 
            description = "用户未登录"
        )
    })
    @GetMapping("/current")
    public ApiResponse<SysUser> getCurrentUser() {
        SysUser user = UserSessionUtil.getCurrentUser();
        if (user != null) {
            return ApiResponse.success(user);
        } else {
            throw new UnauthorizedException("用户未登录");
        }
    }
} 